Skip to main content
This guide walks your engineering team through everything needed to integrate your native app with the Voucher Platform: user provisioning, authentication, the embeddable webview, the consumer API surface, and the outbound webhook contract.
For an interactive endpoint reference with try-it-out controls, switch to the API Reference tab in the top nav. The raw OpenAPI 3.1 spec is available at /openapi.json — import it into Postman, Insomnia, or your codegen tool of choice.
Stuck? Ask the Partner Assistant. It’s an AI chat grounded in these docs — handy for “what header do I send for X?” or “why am I getting signature_expired?” If it can’t answer, email albert.chai@hextar.com.

Three integration surfaces

There are exactly three surfaces partners touch:

Server → us

Your backend authenticates with HMAC; you upsert and delete users at /integrations/*.

Webview / consumer

Runs inside the partner-issued webview (or your own UI); authenticates with the per-user JWT you mint.

Outbound webhooks

We POST signed JSON to your webhookUrl whenever a user event happens.

How the pieces fit together

┌─────────────────────┐   1. POST /integrations/users      ┌──────────────────────┐
│                     ├───────────────────────────────────▶│                      │
│  Your backend       │   2. mint JWT for user             │  Voucher Platform    │
│                     │                                    │                      │
│                     │◀───────────────────────────────────┤                      │
│                     │   5. webhook on claim/redemption   │                      │
└──────────┬──────────┘                                    └──────────▲───────────┘
           │                                                          │
           │ 3. open /consumer#token=<JWT>                            │
           ▼                                                          │
┌─────────────────────┐                                               │
│                     │   4. user claims & redeems vouchers           │
│  Embedded webview   ├───────────────────────────────────────────────┘
│  (in your app)      │
└─────────────────────┘
Step 1 is optional. If you skip the explicit user upsert, the user is created just-in-time the first time their JWT arrives at /me. Most partners still call POST /integrations/users so PII corrections (email changes, opt-outs) propagate without waiting for the next webview open.

Where to start

Quickstart

End-to-end worked example: provision a user, mint a JWT, open the webview, receive the webhook.

Concepts

Vocabulary and the mental model. Read this first if you’re new to the integration.